SECTIONS

BIOS

Sony locks 93,000 online accounts after security breach

Visitors at the Sony Building in downtown Tokyo play on the Sony PlayStation 3, Nov. 9, 2006. (AP / Katsumi Kasahara)

The Associated Press
Published Wednesday, October 12, 2011 10:42AM EDT

TOKYO - Sony said Wednesday intruders staged a massive attempt to access user accounts on its PlayStation Network and other online entertainment services in the second major attack on its flagship gaming site this year.

The Tokyo-based company temporarily locked about 93,000 accounts whose IDs and passwords were successfully ascertained by the blitz. Sony sent email notifications and password reset procedures to affected customers on the PlayStation Network, Sony Entertainment Network and Sony Online Entertainment services.

Credit card numbers linked to the compromised accounts are not at risk, Sony said. It has "taken steps to mitigate the activity" and is investigating any wrongful use of the accounts themselves.

"Less than one tenth of one per cent" of the service's customers may have been affected, Sony said in a statement.

The announcement follows an embarrassing data breach in April, which compromised personal data from more than 100 million online gaming and entertainment accounts and forced PlayStation Network to be shut for a month.

Sony was subsequently criticized for lax security and acting too slowly to inform customers as it grappled with one of the largest-ever security thefts.

Sony confirmed the latest incidents after its security systems detected an unusually high number of login attempts that failed, said Sony spokesman Sean Yoneda. The company suspects that those responsible obtained large data sets from other companies or sources, which were then used to try to access Sony accounts.

"What happened in April was a breach on our servers as we said in our announcements," Yoneda said. "But this time around, there was no intrusion on our servers. This was ... taking someone else's identity and trying to use that to access our services."

The unauthorized access attempts occurred between Oct. 7 and Oct. 10 and targeted accounts globally. The company said it is unclear whether the attempts were carried out by a single individual or multiple parties.

Sony's customer service centres around the world have not seen a spike in user calls related to the incidents, Yoneda said.

Under Chief Executive Howard Stringer, Sony aims to more deeply connect its hardware, content and services. Executives have said the hacker attacks in the spring did not derail that core strategy.

The PlayStation Network bounced back relatively quickly, with the vast majority of subscribers returning after Sony began restoring online gaming services in May.

Photos

Visitors at the Sony Building in downtown Tokyo play PlayStation 3s in this Nov. 9, 2006 file photo. Sony Corp. said last week that the credit card data of PlayStation users may have been stolen in a hack that forced it to shut down its PlayStation Network, disconnecting 77 million accounts. (AP Photo/Katsumi Kasahara)

People play Sony PlayStation 3 consoles at the Square Enix Party, in Makuhari, near Tokyo, on May 13, 2007. (AP / Shizuo Kambayashi)